SPEC URL: https://topazus.fedorapeople.org/rpms/actor-framework.spec SRPM URL: https://topazus.fedorapeople.org/rpms/actor-framework-0.19.1-1.fc39.src.rpm Description: CAF is an open source implementation of the actor model for C++ featuring lightweight & fast actor implementations, pattern matching for messages, network transparent messaging, and more. Fedora Account System Username: topazus Reproducible: Always
Copr build: https://copr.fedorainfracloud.org/coprs/build/5897247 (succeeded) Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2196274-actor-framework/fedora-rawhide-x86_64/05897247-actor-framework/fedora-review/review.txt Please take a look if any issues were found. --- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string.
SPEC URL: https://topazus.fedorapeople.org/rpms/actor-framework.spec SRPM URL: https://topazus.fedorapeople.org/rpms/actor-framework-0.19.1-1.fc39.src.rpm fix owner of directory
Created attachment 1963640 [details] The .spec file difference from Copr build 5897247 to 5905027
Copr build: https://copr.fedorainfracloud.org/coprs/build/5905027 (succeeded) Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2196274-actor-framework/fedora-rawhide-x86_64/05905027-actor-framework/fedora-review/review.txt Please take a look if any issues were found. --- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string.
This isn't really relevant for the review, but a hint to save work: > # https://github.com/actor-framework/actor-framework/commit/db5fd0b2f56e4df14fe9a407f0461d1c34c42fbd > Patch0: actor-framework-fix-tools.patch I'd write this as Patch: https://github.com/actor-framework/actor-framework/commit/db5fd0b2f56e4df14fe9a407f0461d1c34c42fbd.patch This has the advantage that 'spectool -g *.spec' will just download the file without further ado. > License: BSD-3-Clause OR BSL-1.0 I think this needs to be "AND" instead. The sources are under the first license, but they are also combined with some other (header) files to form the compiled product. The result must then satisfy both licenses, i.e. is under the first and the second license. > actor-framework-tools.x86_64: W: no-manual-page-for-binary caf-run > actor-framework-tools.x86_64: W: no-manual-page-for-binary caf-vec > actor-framework-devel.x86_64: W: no-documentation > actor-framework-tools.x86_64: W: no-documentation Meh. > actor-framework.x86_64: W: crypto-policy-non-compliance-openssl /usr/lib64/libcaf_openssl.so.0.19.1 SSL_CTX_set_cipher_list This one is fairly problematic. The code does: SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!MD5") https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/#_cc_applications says: > check the source code for SSL_CTX_set_cipher_list(). If it is not present then nothing needs to be done (the default is used). Otherwise, if that call is present and provided a fixed string which does not contain PSK or SRP, replace the string with "PROFILE=SYSTEM", or remove the call. > 6 packages and 0 specfiles checked; 0 errors, 5 warnings, 0 badness; has taken 1.3 s Quoting Frostyx's review service: Requires (with glibc and linker stuff removed) -------- actor-framework (rpmlib, GLIBC filtered): libcaf_core.so.0.19.1()(64bit) libcaf_io.so.0.19.1()(64bit) libcrypto.so.3()(64bit) libcrypto.so.3(OPENSSL_3.0.0)(64bit) libssl.so.3()(64bit) libssl.so.3(OPENSSL_3.0.0)(64bit) actor-framework-devel (rpmlib, GLIBC filtered): actor-framework(x86-64) cmake-filesystem(x86-64) libcaf_core.so.0.19.1()(64bit) libcaf_io.so.0.19.1()(64bit) libcaf_net.so.0.19.1()(64bit) libcaf_openssl.so.0.19.1()(64bit) actor-framework-tools (rpmlib, GLIBC filtered): actor-framework(x86-64) libcaf_core.so.0.19.1()(64bit) libcaf_io.so.0.19.1()(64bit) actor-framework-debuginfo (rpmlib, GLIBC filtered): actor-framework-debugsource (rpmlib, GLIBC filtered): Provides -------- actor-framework: actor-framework actor-framework(x86-64) libcaf_core.so.0.19.1()(64bit) libcaf_io.so.0.19.1()(64bit) libcaf_net.so.0.19.1()(64bit) libcaf_openssl.so.0.19.1()(64bit) actor-framework-devel: actor-framework-devel actor-framework-devel(x86-64) cmake(CAF) cmake(caf) actor-framework-tools: actor-framework-tools actor-framework-tools(x86-64) Looks all good. (Or even better than "good". The spec file is very clean.) + package name is OK + license is acceptable for Fedora (BSD-3-Clause) - license is specified correctly (see above) + builds and installs OK + BR/P/R look correct + no scriptlets needed or present - rpmlint finds one issue (see above)
The PR of https://github.com/actor-framework/actor-framework/pull/1411 was merged by the upstream maintainer trying to solve the warning of crypto-policy-non-compliance-openssl, and the new release 0.19.2 was published. But rpmlint tool also reported the warning with the building of the new release. ref: https://copr.fedorainfracloud.org/coprs/topazus/test-review/build/6072938/ https://download.copr.fedorainfracloud.org/results/topazus/test-review/fedora-rawhide-x86_64/06072938-actor-framework/fedora-review/review.txt
update to new release: SPEC URL: https://topazus.fedorapeople.org/rpms/actor-framework.spec SRPM URL: https://topazus.fedorapeople.org/rpms/actor-framework-0.19.2-1.fc39.src.rpm
Created attachment 1970700 [details] The .spec file difference from Copr build 5905027 to 6073691
Copr build: https://copr.fedorainfracloud.org/coprs/build/6073691 (succeeded) Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2196274-actor-framework/fedora-rawhide-x86_64/06073691-actor-framework/fedora-review/review.txt Please take a look if any issues were found. --- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string.
Hello, I wonder is there any comments on the rpmlint warning of crypto-policy-non-compliance-openssl even for the latest release?
This is an automatic check from review-stats script. This review request ticket hasn't been updated for some time, but it seems that the review is still being working out by you. If this is right, please respond to this comment clearing the NEEDINFO flag and try to reach out the submitter to proceed with the review. If you're not interested in reviewing this ticket anymore, please clear the fedora-review flag and reset the assignee, so that a new reviewer can take this ticket. Without any reply, this request will shortly be resetted.
I totally dropped the ball on this one. Apologies! I see the spec file is gone… I can do another round of review if you want.
Sorry for the late response. I updated it to the latest release 1.0.1. SPEC URL: https://topazus.fedorapeople.org/actor-framework.spec SRPM URL: https://topazus.fedorapeople.org/actor-framework-1.0.1-1.fc41.src.rpm
+ package name is OK + license is acceptable for Fedora (BSD-3-Clause) + license is specified correctly (see above) + builds and installs OK + BR/P/R look correct + no scriptlets needed or present + rpmlint finds no real issues > %package examples > Summary: Development libraries and header files for %{name} Copy&paste duplication. rpmlint: actor-framework-devel.x86_64: W: no-documentation actor-framework-examples.x86_64: W: no-documentation actor-framework-examples.x86_64: E: no-binary actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/config/read-json.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/custom_type/custom_types_1.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/custom_type/custom_types_2.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/custom_type/custom_types_3.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/custom_type/custom_types_4.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/dynamic_behavior/dining_philosophers.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/dynamic_behavior/skip_messages.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/flow/iota.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/flow/multicaster.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/flow/observe-on.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/flow/spsc-buffer-resource.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/hello_world.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/http/client.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/http/rest.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/http/time-server.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/length_prefix_framing/chat-client.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/length_prefix_framing/chat-server.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/message_passing/calculator.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/message_passing/dancing_kirby.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/message_passing/delegating.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/message_passing/divider.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/message_passing/fan_out_request.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/message_passing/idle_timeout_once.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/message_passing/idle_timeout_repeat.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/message_passing/promises.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/message_passing/request.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/octet_stream/key-value-store.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/octet_stream/text-client.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/println.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/remoting/distributed_calculator.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/remoting/remote_spawn.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/remoting/stateful_remote_spawn.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/testing/ping_pong.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/web_socket/echo.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/web_socket/hello-client.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/web_socket/quote-server.cpp actor-framework-examples.x86_64: W: devel-file-in-non-devel-package /usr/share/caf/examples/web_socket/stock-ticker.cpp This is fine, those are example files. actor-framework-examples.x86_64: W: description-shorter-than-summary The Summary is wrong, see above. actor-framework.x86_64: W: crypto-policy-non-compliance-openssl /usr/lib64/libcaf_openssl.so.1 SSL_CTX_set_cipher_list This is a false positive. With the recent changes, SSL_CTX_set_cipher_list is only called if explicitly configured. Package is APPROVED.
Thanks for doing the package review. Fixed the summary expression of -examples subpackage. SPEC URL: https://topazus.fedorapeople.org/actor-framework.spec SRPM URL: https://topazus.fedorapeople.org/actor-framework-1.0.1-1.fc41.src.rpm
The Pagure repository was created at https://src.fedoraproject.org/rpms/actor-framework
FEDORA-2024-4eb6ffbf06 (actor-framework-1.0.1-1.fc42) has been submitted as an update to Fedora 42. https://bodhi.fedoraproject.org/updates/FEDORA-2024-4eb6ffbf06
FEDORA-2024-1cf8622de4 (actor-framework-1.0.1-1.fc41) has been submitted as an update to Fedora 41. https://bodhi.fedoraproject.org/updates/FEDORA-2024-1cf8622de4
FEDORA-2024-4eb6ffbf06 (actor-framework-1.0.1-1.fc42) has been pushed to the Fedora 42 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2024-1cf8622de4 (actor-framework-1.0.1-1.fc41) has been pushed to the Fedora 41 stable repository. If problem still persists, please make note of it in this bug report.